You have to configure your website to either redirect the user to its homepage or to show a custom error page when a user tries to load a non-existent page. Otherwise, most web servers will advertise its name and version. Knowing the name and version of the web server software, a hacker can look online for known security flaws with the software you are using and try to exploit them.
Simply try to load http://www.yourwebsite.com/asjgasja or any set of random characters as the name of a page and see what is displayed. In Figures 5 and 6, we give two examples of websites that are not correctly configured, and we could easily discover that the first one (Figure 5) is running nginx version 1.4.2, while the second one (Figure 6) is running Apache version 2.2.8.
The way this is fixed depends on the server software and whether you have full access to the server where your website is hosted or not. If you have full access to the webserver, you should edit the httpd.conf file, add the lines below , and restart Apache (assuming that you are using Apache, which is the most popular webserver software available).
ErrorDocument 403 http://www.yourwebsite.com
ErrorDocument 404 http://www.yourwebsite.com
If you do not have this kind of access, you should discuss this configuration with your hosting company.